Apple Intelligence and the Impact on Corporate Data Security
Apple recently announced its first products with fully integrated Generative AI tools — including the iPhone 16. This move is expected to bring significant advancements in user experience and device capabilities. However, it also raises concerns about the privacy and security of corporate data on both employee and business-owned devices.
In this blog, we’ll examine what we know about the safeguards Apple is promising to use, the lingering questions for security and privacy leaders, and how BlackBerry can help you protect your organization as you manage a growing number of Generative AI tools.
What is Apple Intelligence?
Apple calls its entry into the AI space Apple Intelligence, with a beta release during fall 2024. Like most Generative AI tools, including our Cylance® Assistant, Apple Intelligence is designed to give users powerful and fast intelligent tools and capabilities. In this case that involves helping them write, express themselves, and get things done more efficiently. But how does this launch impact the security and privacy of corporate data? Let’s review the key points of Apple AI that have been revealed so far.
What Is Apple Doing to Protect Data Security and User Privacy?
Apple announced two risk-mitigation features. One is on-device computing, the other is Private Cloud Compute.
On-Device AI processing
Many of Apple’s new AI features, such as Writing Tools, Image Wand, and Genmoji, are available only on new and recent iPhones and devices. This is because Apple Intelligence will do as much processing as possible locally, on each individual device.
Private Cloud Compute
For off-device computing, the company developed Private Cloud Compute (PCC). The service's design and architecture demonstrate a deep understanding of the privacy challenges posed by cloud computing and a willingness to push the boundaries of what is possible to protect sensitive information. Apple also promised that “Your data is never stored” and it is “Used only for your requests”.
The Private Cloud Compute whitepaper documents their design and seems to indicate that they are serious about that claim.
Here are some key design goals Apple says it had in the creation of PCC:
- Stateless computation on user data: Process user data solely for request fulfillment, leaving no trace after response.
- Enforceable guarantee: Ensure all critical components support core security and privacy guarantees.
- No privileged runtime access: Prevent bypassing of privacy guarantees, even for incident resolution.
- Non-targetability: The system is designed to resist targeted attacks on specific users.
- Verifiable transparency: Allow security researchers to verify PCC's privacy and security guarantees.
By pushing the boundaries of privacy in the cloud, Apple has created a cloud computing platform that may become a precedent for other technology vendors.
Generative AI Business Risks to Watch
Many businesses use secure applications to control their confidential information. One of the main concerns we’ve heard regarding Apple Intelligence is around its new set of writing tools.
From our discussions with security-conscious Apple users, they are looking for several assurances from Apple, including the following:
- They want clarity on what data Apple Intelligence has access to.
- Organizations need visibility on when their data leaves the device to understand which is local vs cloud processing.
- They are looking for control over the scenarios in which Apple may use their corporate data to train AI models.
- Security and privacy leaders would like assurances that the "Private Compute Cloud" model Apple announced is truly private.
- They are curious about how data is aggregated, anonymized, and encrypted and also about how long it is stored.
- They are wondering about the option to opt out of AI usage if they determine Apple’s privacy model is not satisfactory for their organization.
The BlackBerry Approach: Control and Choice
The fantastic news for BlackBerry customers is they do not have to worry about the answer to most of the questions listed above. For companies whose device fleets are composed of fully managed (MDM) iPhones, BlackBerry already has included controls for various Apple Intelligence features, such as Writing Tools, in the fall 2024 policy pack update.
For application-only (MAM/BYOD) device deployments, BlackBerry is adding application-level controls to provide our customers with the options they need to meet their data security requirements when personal devices are used with our BlackBerry secure productivity apps.
This provides unique flexibility; for example, you can:
- Control the Apple Writing tools experience for the entire device
- Control the Apple Writing experience only within the BlackBerry secure productivity applications, allowing the user to make use of the new features for their personal apps
Today, and Looking to the Future
In my role, I see customers with a very diverse set of security needs related to the use of AI on mobile. Customers are often less concerned when using local processing, as their data isn’t leaving the mobile device. Data must not be moved around the device, though, and all local processing must be ephemeral as it is with device memory (RAM), for example. Generally, customer concerns are focused on understanding when data may leave their mobile devices and how that data is handled if it is.
The BlackBerry approach to mobile device security has been one of choice and control for our customers. We give flexibility to our customers to implement different levels of control for their varying security and compliance needs. Our tools help businesses have the right levels of balance between security, usability, and productivity.
As the Apple ecosystem gains confidence in the use of Apple Intelligence, BlackBerry, as a pioneer in the use of AI/ML, will be at the forefront, powering next-gen productivity workflows anchored around the secure email and productivity application BlackBerry Work and the reliable, secure enterprise browser BlackBerry Access.
Related Reading
